After banging my head against the wall for a while trying to get LimeSurvey v2.05 Build 140302 authenticating against an Active Directory I finally made it. Since no clear documentation on this matter exists for the latest version I have decided to post this here in the hopes other might find this useful.

So firstly lets understand what kind of user profiles we have, namely:

Super Administrator

Survey Administrator

Survey Participants

This first post will deal only with point 1 & 2. I haven't yet tackled point 3 but when I do I will post a follow-up.

So firstly one needs to understand that LimeSurvey does not authenticate directly against an Active Directory. It can only pick up on a already authenticated user and provide access to user level 1 or 2. The following will now detail each step required to set things up on a CentOS 6.5 running Apache HTTPd v2.2.15 and authenticating against a Windows Server 2008 R2 Active Directory.

Configure Apache for Active Directory Authentication
First thing one need to guarantee is setting up Apache to authenticate against an Active Directory. Make sure all plugins for HTTP and LDAP authentication are disabled and that you have no LDAP enabled settings in your config.php or config-default.php.
1. Install Apache LDAP module with

Note1: Change all values within [] to your own values
Note2: The code above assumes you are running limesurvey under http://your_ip/limesurvey , if you are running at root level then "/limesurvey" should be removed from the location tag
Note3: The configs above are limiting access to users belonging to the group "LIMESURVEY_ADMINS". To enable all users in AD use "AuthLDAPURL "ldap://[ip]:389/cn=Users,DC=[domain],DC=local?sAMAccountName?sub?(objectClass=*)""
4. Restart Apache with service httpd restart
5. Access Limesurvey admin at http://your_ip/limesurvey/admin
6. If everything is working correctly you should get a login box where you can place your active directory username and password. If it works you will be presented with limesurvey's login page, if it doesn't check your /var/log/httpd/error_log for more information why it didn't work.

Change /limesurvey/application/config/config-defaults.php
Yes I am changing the values in config-default.php, this is because when I copied them over to config.php it seemed to never work. In the end I just left config.php only with DB connection values and everything else I do in the default file. Here are all the settings I changed/added/created:

// Changed this temporarily because if you are locked out this could be one of the reasons for future problems when everything is actually correct. (Don't know how to disable this)$config['maxLoginAttempt']=50000;$config['timeOutTime']=10*1;// Ldap settings$config['enableLdap']=true;$config['auth_webserver']=true;$config['auth_webserver_user_map']=array();// This is important for future "Super Admin privileges"$config['auth_webserver_autocreate_user']=true;function hook_get_auth_webserver_profile($user_name){$ldap_connection2=NULL;$LDAP_HOSTNAME='[ad_hostname]';$ldap_username='[ad_user]@[domain].local';$ldap_password='[password]';$ldap_base_dn='DC=[domain],DC=local';$ldap_connection2=ldap_connect($LDAP_HOSTNAME);ldap_set_option($ldap_connection2, LDAP_OPT_PROTOCOL_VERSION,3) or die('Unable to set LDAP protocol version');ldap_set_option($ldap_connection2, LDAP_OPT_REFERRALS,0);// We need this for doing an LDAP search.ldap_bind($ldap_connection2,$ldap_username,$ldap_password);$attributes=array("displayname","mail","samaccountname");$search_filter="(&(objectCategory=person)(sAMAccountname=$user_name))";$result=ldap_search($ldap_connection2,$ldap_base_dn,$search_filter,$attributes);$entries=ldap_get_entries($ldap_connection2,$result);$full_name=$entries[0]['displayname'][0];$mail=$entries[0]['mail'][0];ldap_unbind($ldap_connection2);returnArray('full_name'=>"$full_name",'email'=>"$mail",'lang'=>'en','htmleditormode'=>'inline');}

3. Click on configure for Webserver authentication, leave as is with "REMOTE_USER" BUT CLICK ON SAVE! If you don't it won't work.

4. Activate Webserver plugin

Test
Now you should have everything set-up to work. Just access your limesurvey admin address at http://ip_address/limesurvey/admin enter your AD user/pass and you should be automatically logged in with Survey Administrator privileges.

If you want to get automatic Super Admin privileges you have to go back to config-default.php and use the "$config = array();" such as "$config = array('username_you_want_as_admin' => 'admin');"